Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2017-03-01	CVE-2017-5974	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the __zzip_get32 function in fetch.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers to cause a denial of service (crash) via a crafted ZIP file. local low complexity zziplib-project debian CWE-119	5.5
2017-03-01	CVE-2016-9559	NULL Pointer Dereference vulnerability in multiple products coders/tiff.c in ImageMagick before 7.0.3.7 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted image. network low complexity imagemagick debian CWE-476	6.5
2017-02-24	CVE-2017-6299	Infinite Loop vulnerability in multiple products An issue was discovered in ytnef before 1.9.1. local low complexity ytnef-project debian CWE-835	5.5
2017-02-22	CVE-2017-6188	Improper Input Validation vulnerability in multiple products Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. local low complexity munin-monitoring debian CWE-20	5.5
2017-02-17	CVE-2016-9955	Improper Input Validation vulnerability in multiple products The SimpleSAML_XML_Validator class constructor in SimpleSAMLphp before 1.14.11 might allow remote attackers to spoof signatures on SAML 1 responses or possibly cause a denial of service (memory consumption) by leveraging improper conversion of return values to boolean. local high complexity simplesamlphp debian CWE-20	6.3
2017-02-16	CVE-2017-6011	Out-of-bounds Read vulnerability in multiple products An issue was discovered in icoutils 0.31.1. local low complexity icoutils-project debian redhat CWE-125	5.5
2017-02-16	CVE-2017-6010	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in icoutils 0.31.1. local low complexity icoutils-project debian redhat CWE-119	5.5
2017-02-16	CVE-2017-6009	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in icoutils 0.31.1. local low complexity icoutils-project debian redhat CWE-119	5.5
2017-02-15	CVE-2016-8692	Divide By Zero vulnerability in multiple products The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted YRsiz value in a BMP image to the imginfo command. local low complexity jasper-project fedoraproject debian CWE-369	5.5
2017-02-15	CVE-2016-8691	Divide By Zero vulnerability in multiple products The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted XRsiz value in a BMP image to the imginfo command. local low complexity jasper-project debian fedoraproject CWE-369	5.5